Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1630/iYjkiJaRGnBETZlEydSbbSczJUc.roa
File: iYjkiJaRGnBETZlEydSbbSczJUc.roa (raw, json)
Hash identifier: sBB96CAbUt4uz7RB43SUEjN8vs1vOjj5Z2ffnfxN60c=
Subject key identifier: 89:88:E4:88:96:91:1A:70:44:4D:99:44:C9:D4:9B:6D:27:33:25:47
Certificate issuer: /CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A
Certificate serial: 1BCF
Authority key identifier: 4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/iYjkiJaRGnBETZlEydSbbSczJUc.roa
Signing time: Fri 17 Jan 2025 01:27:05 +0000
ROA not before: Fri 17 Jan 2025 01:27:05 +0000
ROA not after: Sat 27 Sep 2025 02:40:14 +0000
asID: 63678
IP address blocks: 27.0.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7119 (0x1bcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A
Validity
Not Before: Jan 17 01:27:05 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=8988E48896911A70444D9944C9D49B6D27332547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ca:bf:0b:74:78:e2:10:d0:e7:0b:3a:83:05:
03:c0:1f:5c:27:27:0c:56:50:6b:84:66:28:50:c9:
06:85:dd:0c:52:10:a0:cd:06:ce:90:c0:c9:ff:43:
7b:e3:74:27:9a:b4:d4:9d:33:50:28:ef:8e:49:ad:
ea:c3:63:7f:af:1a:b0:6f:ae:8d:fd:31:d5:20:08:
b7:7c:f9:d1:f0:84:d8:91:3d:75:45:24:66:f3:f8:
c0:04:12:dc:d2:fe:d3:c7:db:99:8e:dd:3d:bb:68:
f2:05:20:23:c1:50:e7:ac:54:b4:19:14:d9:0e:18:
3a:dc:5b:16:d7:b5:11:cb:ef:3f:af:34:c9:ed:03:
a9:69:03:33:6a:69:16:78:e9:c6:ff:06:e8:ca:c5:
3c:91:8a:59:ca:0c:4f:1a:41:88:90:ad:7c:d7:2b:
43:21:de:69:2f:3d:14:57:bd:d8:95:01:cf:68:28:
78:37:79:b7:e5:7a:3f:2b:b9:15:5b:18:46:18:db:
e4:7b:1b:97:7d:10:2a:8b:36:7b:dd:fc:e8:7b:ed:
51:3e:56:b5:b9:6a:02:0d:d8:d9:80:4c:aa:ae:d3:
9d:8f:49:97:13:e5:f3:e0:7f:81:57:3d:3b:8b:3f:
f2:53:af:49:34:a8:c5:12:66:d8:9b:8a:b1:8f:4d:
93:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:88:E4:88:96:91:1A:70:44:4D:99:44:C9:D4:9B:6D:27:33:25:47
X509v3 Authority Key Identifier:
keyid:4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/iYjkiJaRGnBETZlEydSbbSczJUc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.204.0/24
Signature Algorithm: sha256WithRSAEncryption
21:31:ec:e3:c1:1e:23:ae:13:48:cc:1b:7c:43:70:f1:3c:8f:
ae:35:7e:cc:b3:0c:d1:0e:40:7e:a9:7b:a2:38:c6:fe:e4:c2:
6d:98:5d:21:df:cc:77:b2:e9:b4:2c:a5:b6:91:55:0b:80:42:
16:e0:ad:58:c7:5e:2a:0b:fd:e0:64:71:1c:f6:20:6c:4d:15:
1f:b9:f1:49:29:7f:dc:0f:78:74:07:ca:fb:c2:f2:5d:6f:10:
d3:8b:89:48:bc:87:85:33:5e:e8:a8:8c:af:68:3e:b5:e8:ed:
73:aa:42:a4:b6:6f:d7:bf:18:12:93:74:98:6f:ef:91:7d:2e:
ce:f4:ff:56:c2:e2:06:0c:cb:d0:d1:24:4e:92:a0:9f:92:3f:
b0:bb:d5:2a:d1:6d:5f:f6:b0:8b:97:9e:fb:c1:12:99:59:48:
d9:be:c2:6f:4f:f2:a6:29:4d:4f:04:e0:00:d7:45:53:0a:b3:
9c:44:45:a9:29:14:4e:0d:81:49:72:9e:69:0f:cc:c0:d1:78:
79:26:65:49:48:84:fc:a4:3b:9e:63:4f:51:a8:1a:a8:48:1d:
08:7a:5b:e3:b1:d6:c7:a3:54:4c:d1:0f:da:06:c4:95:6c:d8:
9b:9f:c3:4b:bf:de:86:8d:92:dd:b9:ec:65:c2:d7:b7:f2:d9:
ff:ff:9a:3d
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICG88wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEMx
RkI1NTNGRjIzMzEyQ0Q5QzI1REUxREE3MjA0OEYwNjQ4M0M1QTAeFw0yNTAxMTcw
MTI3MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg5ODhFNDg4OTY5MTFB
NzA0NDREOTk0NEM5RDQ5QjZEMjczMzI1NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2yr8LdHjiENDnCzqDBQPAH1wnJwxWUGuEZihQyQaF3QxSEKDN
Bs6QwMn/Q3vjdCeatNSdM1Ao745JrerDY3+vGrBvro39MdUgCLd8+dHwhNiRPXVF
JGbz+MAEEtzS/tPH25mO3T27aPIFICPBUOesVLQZFNkOGDrcWxbXtRHL7z+vNMnt
A6lpAzNqaRZ46cb/BujKxTyRilnKDE8aQYiQrXzXK0Mh3mkvPRRXvdiVAc9oKHg3
ebflej8ruRVbGEYY2+R7G5d9ECqLNnvd/Oh77VE+VrW5agIN2NmATKqu052PSZcT
5fPgf4FXPTuLP/JTr0k0qMUSZtibirGPTZPxAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUiYjkiJaRGnBETZlEydSbbSczJUcwHwYDVR0jBBgwFoAUTB+1U/8jMSzZwl3h
2nIEjwZIPFowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTYz
MC9UQi0xVV84ak1Telp3bDNoMm5JRWp3WklQRm8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1RCLTFVXzhqTVN6WndsM2gybklFandaSVBGby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2MzAvaVlqa2lKYVJHbkJF
VFpsRXlkU2JiU2N6SlVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEABsAzDANBgkqhkiG9w0BAQsFAAOCAQEAITHs48EeI64TSMwbfENw8TyPrjV+
zLMM0Q5Afql7ojjG/uTCbZhdId/Md7LptCyltpFVC4BCFuCtWMdeKgv94GRxHPYg
bE0VH7nxSSl/3A94dAfK+8LyXW8Q04uJSLyHhTNe6KiMr2g+tejtc6pCpLZv178Y
EpN0mG/vkX0uzvT/VsLiBgzL0NEkTpKgn5I/sLvVKtFtX/awi5ee+8ESmVlI2b7C
b0/ypilNTwTgANdFUwqznERFqSkUTg2BSXKeaQ/MwNF4eSZlSUiE/KQ7nmNPUaga
qEgdCHpb47HWx6NUTNEP2gbElWzYm5/DS7/eho2S3bnsZcLXt/LZ//+aPQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:32:29 2025 by rpki-client